CN1968262B - Session control method and apparatus in IMS network - Google Patents
Session control method and apparatus in IMS network Download PDFInfo
- Publication number
- CN1968262B CN1968262B CN 200510123209 CN200510123209A CN1968262B CN 1968262 B CN1968262 B CN 1968262B CN 200510123209 CN200510123209 CN 200510123209 CN 200510123209 A CN200510123209 A CN 200510123209A CN 1968262 B CN1968262 B CN 1968262B
- Authority
- CN
- China
- Prior art keywords
- session
- representative
- information
- consumer
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention relates to a conversation control method of IMS network and relative device, wherein the setting AS (application server) to represent the authority of user initial conversation, while IMS network function solid obtains said authority information, to control the initialized conversation. The invention can detect the conversation initialization authority of AS by the IMS network function solid, to control the conversation, to avoid AS illegally represent user to initialize conversation.
Description
Technical field
The present invention relates to the network communications technology field, be specifically related to conversation controlling method and device in a kind of IMS network.
Background technology
Development along with broadband network, mobile communication will not only be confined to traditional Speech Communication, multimedia service in conjunction with multiple medium types such as audio frequency, video, picture and texts will be carried out gradually, by with presence (presenting business), management and group, the combination of data services such as short message, WEB (webpage) browse, locating information, PUSH (pushing professional), file-sharing can be satisfied user's multiple demand.
Development along with broadband network, mobile communication will not only be confined to traditional Speech Communication, multimedia service in conjunction with multiple medium types such as audio frequency, video, picture and texts will be carried out gradually, by with presence, management and group, the combination of data services such as short message, WEB (webpage) browse, locating information, PUSH (pushing professional), file-sharing can be satisfied user's multiple demand.
Under the promotion of multiple application, 3GPP (3rd Generation Partnership Project, the standardized partnership projects of 3G (Third Generation) Moblie) and 3GPP2 (3rd Generation Partnership Project2, the standardized partnership projects 2 of 3G (Third Generation) Moblie) etc. normal structure has all successively been released IP-based IP multimedia subsystem, IMS framework, purpose is to use a kind of structure of standardized opening to realize diversified multimedia application in the mobile network, and the user is more to be selected and abundanter impression to offer.
In 3GPP Release 5 (R5) stage, introduced IMS domain, be called for short IMS (IPMultimedia Subsystem, IP Multimedia System), IMS is superimposed upon on the packet field network, by CSCF (Call Session Control Function, CSCF), MGCF (Media GatewayControl Function, MGCF), MRF (Multimedia Resource Function, media resource function) and HSS (Home Subscriber Server, home signature user server) etc. functional entity is formed, wherein: CSCF can be divided into S-CSCF (Serving CSCF again, serving CSCF), three functional entitys of P-CSCF (Proxy CSCF, proxy CSCF) and I-CSCF (Interrogating CSCF, inquiry CSCF).S-CSCF is the service switching center of IMS, carries out session control, and peace preservation association's speech phase is in charge of user profile, produces charge information etc.; P-CSCF is the access point of terminal user access to IMS, finishes user's registration, is responsible for QoS control and safety management etc., and I-CSCF is responsible for the intercommunication between the IMS territory, and network topology and configuration are externally hidden in the distribution of management S-CSCF, produce metering data etc.The MGCF control gateway realizes the intercommunication of IMS network and other network, and MRF provides media resource, as the folding and unfolding sound, and encoding and decoding and multimedia conferencing bridge etc.HSS is a customer data base, storage IMS user's subscription data and configuration information etc.
Because the structure of IMS network has accomplished that carrying network with bottom has nothing to do, therefore, the IMS network of 3GPP definition also can be applied on other packet networks outside the packet field network of 3GPP definition, such as the packet network that defines among the 3GPP2, wlan network and NGN network etc., realized with the user use terminal type independence and and the independence of access network type, therefore, here do not limit IMS and only be applied in relevant network of 3GPP and the application, the access network of other types also can be realized with the IMS framework with using with the business of carrying network.
SIP (Session Initiation Protocol, Session initiation Protocol) is the IP phone signaling protocol that is proposed by IETF (Interne engineering duty group).Implication as its name surface, SIP is used for initiation session, it can control the foundation and the termination process of the Multimedia session of one or more participant's participation, and can dynamically adjust and revise session attribute, as session bandwidth require, the medium type of transmission such as voice, video, text etc., medium code/decode format, to the support of multicast and clean culture etc.In IMS, use the signaling control protocol of Session Initiation Protocol as IP multimedia session.
AAA, authentication authorization and accounting (Authentication), mandate (Authorization) and charge (Accounting), AAA is the basis that Virtual network operator carries out network operation and management always, along with the development of AAA, and new frame structure Diameter technology moulding.Diameter family comprises: basic agreement (DiameterBase Protocol) and various application protocol, wherein, basic agreement provides the Minimum requirements as an aaa protocol, be the function that the Diameter network node all must be realized, comprise the real-time Transmission of the reception of negotiation, Diameter message of ability between node and forwarding, charge information etc.Application protocol then makes full use of the message transfer mechanism that basic agreement provides, the function of standard interdependent node with and distinctive message content, realize the AAA of applied business.In IMS, just be to use Diameter to transmit relevant information on the Cx interface between HSS and I-CSCF and HSS and the S-CSCF.
HSS is the most important database of each user, in store all with signatory relevant information, be used to support the processing of each network entity to calling and session, the information of its preservation comprises: user ID, numbering and addressing information, user security information, customer position information and user description information (user profileinformation) etc.A home network can have one or more HSS, and the quantity of HSS depends on the capacity of mobile contracted user's quantity, the network equipment and concrete networking situation.Between a plurality of entities in HSS and the network interface is arranged.
The user of each IMS business of having contracted has distributed one or more private user identity IMPI by home network operator, be used for using at registration, mandate, management and charging process, IMPI uses NAI (Network Access Identifier, network access Identifier) form, each IMS user also has one or more public user identity IMPU, sign oneself finds the other side when being used for other telex networks.Private user identity is generally externally not open, and public user identity is externally disclosed, uses in the conversation procedure that uses all kinds of business.
In addition, along with professional abilities such as PRESENCE (presenting business), MESSAGING (messaging service), CONFERENCING (convention business), group service by modularization and standardization, and in the IMS network, use, a kind of new PSI (Public Service Identitity, public service identity) is introduced into.
The difference of public service identity and public user identity is: public user identity is that the user is used for identifying oneself in the use of all kinds of business, find the other side's sign, and public service identity is professional, these business generally all reside on the application server AS, such as local service (Local Service) etc., in addition, public service identity can also be used to identifying a group, such as in the business of chatroom, public service identity such as sip:chatlist_X@example.com can be used for representing a chat group, each user can set up session with this PSI, carries out the transmitting-receiving of message by the AS at this PSI place and other participants in the chat sessions.
The form of PSI can be SIP URI or TEL URI.
At present, on behalf of a user or a business of using public service identity to represent of using public user identity to represent, AS can make a call in the IMS network, when AS representative of consumer initiation session was set up, what fill out in expression initiator's the territory in the request message was exactly user's sign itself.
AS is representing IMPU (IP Multimedia PUblic identity, IP multimedia public user identity) or the PSI initiation session time, at first need to obtain the address of S-CSCF, if the AS representative of consumer uses IMPU to initiate a session request, and AS can't obtain an address for the S-CSCF of this IMPU service, and then AS can not representative of consumer initiate this conversation request.If AS uses PSI to initiate a session request, and this PSI is not assigned with a S-CSCF address, then AS uses mechanism such as DNS to finish the routing procedure of sip message, directly session is initiated to ask to send to called network.If AS has obtained the address for the S-CSCF of IMPU or PSI service, then AS sends session and initiates request to this S-CSCF.
The process that AS makes a call in the IMS network as shown in Figure 1.
Among Fig. 1, obtain the S-CSCF address at step 1, AS.If AS has obtained the address for the S-CSCF of IMPU or PSI service, to step 2a.If AS can't obtain the address into the S-CSCF of IMPU service, to step 2b.
Send the SIP INVITE to S-CSCF at step 2a, AS, the conversation media descriptor (initial SDP offer) that provides at first is provided in the SIP INVITE.
Send the network of SIP INVITE at step 2b, AS, the conversation media descriptor (initial SDP offer) that provides at first is provided in the SIP INVITE to the called subscriber place.
Determine that to step 3, S-CSCF the SIP INVITE of its reception is a request from Calling Side, trigger the relevant service logic of calling service, in this step, S-CSCF is considered as a request message that has passed through authentication and licensing process with this request message.
To step 4, this step is two reciprocal processes between the S-CSCF in the network.
In step 5-6, the signaling message that returning, carry the media session descriptor of callee side.
Determine the Media Stream ability that this session need provide at step 7-8, AS, after AS confirms its media description information of receiving the other side,, also can comprise the media description information of Calling Side in this acknowledge message to the affirmation message of callee side echo reply.
In step 9-10, the callee side affirmation message to the Calling Side echo reply, if carried media description information in the affirmation message of replying that callee side receives, then callee side also needs to carry media description information in the affirmation message of replying that Calling Side returns.
After step 11-12, resource reservation success, callee side returns acknowledge message to Calling Side.
Optionally can carry out the processing of alerting ring step 13-14, called subscriber.
Step 15-16, called subscriber answer after, return the AS that a final response 200OK gives Calling Side.
Returning ACK after step 17-18, AS receive 200OK confirms.
From the above-mentioned description that AS the IMS network is made a call as can be known, after having used PSI, the user can ask to set up session with a PSI, as talking with professional foundation the in a chatroom, the AS at this PSI place is after the message that receives from the user, need other users in the chatroom send this message, at this moment, the AS at PSI place need represent the user's initiation session foundation request that sends message or directly transfer immediate news to other users by SIP MESSAGE.
Because need prevent that service request and follow-up service traffics that AS initiates from being swindle or unsafe, so, need carry out necessary security and authentication process to AS.The IMS network is realized by AS permission list (AS allows tabulation) safety and the authentication process of AS.
AS allows whether tabulation is that the qualification that is allowed to inquire about is checked to the AS that sends query requests, and this inspection is a granularity with AS, has only the AS that has passed through this tabulation inspection just can carry out the processing procedure of subsequent message.
But, initiate in the AS representative of consumer under the situation of service request, if there is an AS who is arranged in AS permission tabulation to obtain user profile by certain mode, then this AS can replace other users to make a call in the IMS network according to its user profile that obtains without authorization, though this AS may can only represent the call request of own initiation in the IMS network, such as the advertisement pushing service etc.Other users in the network or application server will be received the call request of the user's name initiation that obtains with AS, thereby make network security have hidden danger, and user's legitimate interests are suffered damage.
Summary of the invention
The objective of the invention is to, conversation controlling method and device in a kind of IMS network are provided, detect, eliminated the potential safety hazard that exists in the network, the legitimate interests that guaranteed the user are without prejudice by authority to AS representative of consumer initiation session.
For achieving the above object, the conversation controlling method in a kind of IMS network provided by the invention comprises:
A, the authority information of AS (application server) representative of consumer initiation session is set;
B, in AS representative of consumer initiation session process, the IMS network functional entity obtains described authority information, and controls according to the conversation procedure that this authority information is initiated the AS representative of consumer.
Described IMS network functional entity is: HSS or S-CSCF.
Described step a specifically comprises:
The authority information of AS representative of consumer initiation session is set in HSS.
Described step a specifically comprises:
Allow to increase permission in the tabulation and/or forbid the user totem information of AS representative of consumer initiation session at the AS of HSS.
Described step b specifically comprises:
B1, AS send the query requests of user data to HSS;
The conversation procedure that canned data was initiated the AS representative of consumer during b2, HSS allowed to tabulate according to the information of carrying in the query requests, AS is checked and is controlled.
The query requests of user data comprises among the described step b1: the query requests of the address information of the S-CSCF of user's correspondence;
And described step b2 specifically comprises:
HSS obtains AS according to the user data index information that carries in the described query requests and allows corresponding list item in the tabulation;
HSS judges according to the AS identification information that carries in the query requests, described user ID, described list item information whether inquiry is successful;
If determine to allow inquiry S-CSCF address information and allow AS representative of consumer initiation session, the S-CSCF address information is carried in the response message of successful inquiring and transfers to AS;
If determine not allow to inquire about S-CSCF address information or inquiry less than the S-CSCF address information or do not allow AS representative of consumer initiation session, the S-CSCF address information is carried in the response message of inquiry failure and transfers to AS.
Described step a specifically comprises:
The predetermined field that is provided with among the User Profile of HSS is the authority information of AS representative of consumer initiation session.
Described predetermined field is an AS information, and described step b specifically comprises:
It is AS when starting session that session that request message determines that needs are set up is set up in the SIP session that S-CSCF sends according to AS, judges from the User Profile of HSS download whether include described AS information;
If include described AS information, determine that this AS has the authority of representative of consumer initiation session, allow to carry out the subsequent treatment that request message is set up in described SIP session;
If do not include described AS information, determine that this AS does not have the authority of representative of consumer initiation session, refusal carries out the subsequent treatment that request message is set up in described SIP session.
Described step a specifically comprises:
The AS identification information that allows AS representative of consumer initiation session is set in the User of HSS Profile.
Described step a specifically comprises:
The AS identification information that allows AS representative of consumer initiation session is set in the User Profile that is in registered (login state); Or
The AS identification information that allows AS representative of consumer initiation session is set in the User Profile that is in unregistered (unregistered state); Or
The AS identification information that allows AS representative of consumer initiation session all is set in being in the User Profile of login state and unregistered state; Or
With the irrelevant User Profile of login state in the AS identification information that allows AS representative of consumer initiation session is set.
Described step b specifically comprises:
It is that AS is when starting session that session that request message determines that needs are set up is set up in the SIP session that S-CSCF sends according to AS, according to the SIP session of its reception set up the information of carrying in the request message and the User Profile that downloads from HSS in filter rule information mate, and judge the AS identification information that allows AS representative of consumer initiation session and send the SIP session and set up the AS of request message whether the match is successful;
If the match is successful, determine that the AS of described representative of consumer initiation session has the authority of representative of consumer initiation session, allow to carry out the subsequent treatment that request message is set up in described SIP session;
If coupling is unsuccessful, determine that the AS of described representative of consumer initiation session does not have the authority of representative of consumer initiation session, refusal carries out the subsequent treatment that request message is set up in described SIP session.
Described definite session of need setting up is that the start step of session of AS specifically comprises:
To set up the session that content among orig field, record route header field and the p-asserted-identity in the request message determines that needs are set up be the AS session of starting in session according to SIP.
The present invention also provides session control device in a kind of IMS network, comprising:
Obtain the authority information module: in AS representative of consumer initiation session process, obtain the authority information of AS representative of consumer initiation session, and transmit it to the module that defines the competence;
Module defines the competence: determine according to the information of carrying in the authority information of its reception, the request message that AS sends whether this AS allows the representative of consumer initiation session, and the message transmission that will allow or forbid is to the session control module;
Session control module: the process of AS representative of consumer initiation session is carried out the control corresponding processing according to the permission of its reception or the information of forbidding.
Described device is: S-CSCF or HSS.
Description by technique scheme as can be known, the present invention is by being provided with the authority information of AS representative of consumer initiation session, the IMS network functional entity can be detected the authority whether AS has the representative of consumer initiation session according to this authority information, thereby can effectively control the conversation procedure that the AS representative of consumer is initiated, the phenomenon of having avoided AS to represent other users to make a call in the IMS network has without authorization been eliminated the potential safety hazard that exists in the network; The authority information of AS representative of consumer initiation session of the present invention can be arranged among the HSS, and set-up mode is flexible, allow and/or forbid the user totem information of AS representative of consumer initiation session as allowing at AS to be provided with among tabulation or the User Profile, utilize among the User Profile original field contents etc. for another example; The authority that the invention provides multiple AS representative of consumer initiation session detects implementation procedure, make the present invention can satisfy various detection demands in the real network, as in the process that allows the user data that AS reads in inquiry AS representative of consumer initiation session authority being detected, when request message is set up in AS transmission SIP session to S-CSCF, AS representative of consumer initiation session authority is detected for another example; Thereby realized the raising internet security by technical scheme provided by the invention, improved the purpose of user satisfaction.
Description of drawings
Fig. 1 is the flow chart that AS makes a call in the IMS network in the prior art;
Fig. 2 is a session control device schematic diagram of the present invention.
Embodiment
If in AS representative of consumer initiation session process, the qualification that can AS the representative of consumer initiation session is checked, the phenomenon that can effectively avoid AS to represent other users in the IMS network, to make a call without authorization then, thereby avoided the potential safety hazard that exists in the network, user's legitimate interests are effectively guaranteed.
Therefore, core of the present invention is: the authority information that AS representative of consumer initiation session is set, in AS representative of consumer initiation session process, the IMS network functional entity obtains described authority information, and controls according to the conversation procedure that this authority information is initiated the AS representative of consumer.
Based on core concept of the present invention technical scheme provided by the invention is further described below.
The present invention at first needs to be provided with the authority information of AS representative of consumer initiation session, and this authority information can be arranged among the HSS, as is arranged at AS and allows in the tabulation or be arranged among the User Profile.This authority information can be newly-installed information, when allowing in the tabulation as the AS that is arranged at HSS when this authority information, expansion AS allows tabulation, allow in the tabulation new field contents to be set at AS, this newly-installed field contents is the authority information of AS representative of consumer initiation session, as the user totem information that allows AS representative of consumer initiation session is set or is provided with and forbid the user totem information of AS representative of consumer initiation session or the user totem information that allows AS representative of consumer initiation session is set and forbids the user totem information etc. of AS representative of consumer initiation session.The user totem information of above-mentioned setting can be IMPU or MSISDN (Mobile SubscriberISDN Number, mobile contracted user's ISDN number) information.This authority information also can utilize original information content, when being arranged among the User Profile when this authority information, utilizes original AS information etc.
When the authority information of AS representative of consumer initiation session was arranged in the AS permission tabulation, the present invention can make full use of the process of AS to its user data that reads of HSS inquiry permission, realizes session control of the present invention, and it realizes that substantially principle is:
When AS needs the representative of consumer initiation session to set up request, AS sends query requests to obtain user data to HSS, HSS receives this query requests, and from query requests, obtain the index information of user data, determine that according to this index information AS allows the corresponding list item in the tabulation, allow the user data that reads and the authority information of AS representative of consumer initiation session to judge whether to allow AS representative of consumer initiation session according to the AS in this list item, and return corresponding response message to AS according to judged result.
Below according to above-mentioned realization principle, be example with AS inquiring calling side user's S-CSCF address information, session control process of the present invention is described in detail.
Set AS and allow to have increased the user totem information that allows AS representative of consumer initiation session in the tabulation, as IMPU or MSISDN information etc., AS needs representative of consumer IMPUa initiation session.
Because the S-CSCF that distributes for the user is according to user's registration scenarios dynamic change, so AS at first needs to send query requests to obtain the address of the current S-CSCF that serves for this user to HSS.The user here is the user with IMPU.
AS sends inquiry request message by the sh interface to HSS, has carried user's public user identity IMPUa in this inquiry request message, and the user data that expression AS need inquire about is current S-CSCF address for this IMPUa service.
HSS receives on Sh interface after the query requests from AS, index according to the user data of the needs that carry in inquiry request message inquiry determines that AS allows the corresponding list item in the tabulation, then, judge according to the AS that carries in inquiry request message sign, IMPUa whether this AS is allowed to read in the user totem information of permission AS representative of consumer initiation session of the S-CSCF address information of user IMPUa and this list item whether include IMPUa; Include IMPUa if allow to read in S-CSCF address information and this list item in the user totem information that allows AS representative of consumer initiation session, then the S-CSCF address information of the user IMPUa response message by successful inquiring is returned to AS; If do not allow to read the S-CSCF address information or search, then will inquire about the response message of failing and return to AS less than not including IMPUa in the user totem information that allows AS representative of consumer initiation session in S-CSCF address information or this list item.
When AS obtains the S-CSCF address from the response message of successful inquiring, and represent the IMPUa initiation session to set up when asking, it is to have passed through AS representative of consumer initiation session authority testing process that request message is set up in this session that S-CSCF receives, and detect the message that successful AS sends, be that request message is set up in safe converging.When AS received the response message of inquiry failure, AS can't obtain the S-CSCF address of IMPUa correspondence, therefore, can't represent the IMPUa initiation session to set up request, thereby had avoided the S-CSCF place to receive that this unsafe session sets up request message.
This method can be applicable to the IMS system of new realization easily, detects because the present invention has realized the authority of AS representative of consumer initiation session in the query requests testing process of AS, has improved Business Processing efficient.
Consider that present existing IMS system is more stable, in order to reduce the influence that method of the present invention is caused existing application as far as possible, the present invention can also increase extra processing procedure and check whether AS has authority representative of consumer initiation session outside inquiry S-CSCF process, like this, the scope check processing procedure to AS representative of consumer initiation session of the present invention's introducing can not influence the existing processing procedure that the query requests of AS is detected.
Outside inquiry S-CSCF process, the detailed process that increases the authority detection of extra processing procedure realization AS representative of consumer initiation session is:
AS sends inquiry request message by the sh interface to HSS, has carried user's public user identity MSISDNb in this inquiry request message, and the user data that expression AS need inquire about is current S-CSCF address for this MSISDNb service.
HSS receives on Sh interface after the inquiry request message from AS, index according to the user data of the needs that carry in inquiry request message inquiry determines that AS allows the corresponding list item in the tabulation, then, judge according to the AS sign, the MSISDNb that carry in the query messages whether this AS is allowed to read the S-CSCF address information of user MSISDNb.
After said process finishes and is determining to allow AS to read the S-CSCF address information, carry out the scope check process of AS representative of consumer initiation session again, detailed process is: HSS determines that according to the index of the user data of the needs inquiry of carrying in the inquiry request message AS allows the corresponding list item in the tabulation, then, judge according to the user totem information that allows AS representative of consumer initiation session in AS sign, MSISDNb and the tabulation of carrying in the inquiry request message whether this AS is allowed to the representative of consumer initiation session.If allow, then the S-CSCF address information of the user MSISDNb response message by successful inquiring is returned to AS, AS is according to the S-CSCF address that obtains, represent the MSISDNb initiation session to set up request, at this moment, it is to have passed through AS representative of consumer initiation session authority testing process that request message is set up in this session that S-CSCF receives, and detects the message that successful AS sends, and is that request message is set up in safe converging.If do not allow, the response message that then will inquire about failure returns to AS, and AS can't obtain the S-CSCF address of MSISDNb correspondence, therefore, can't represent the MSISDNb initiation session to set up request, thereby avoid the S-CSCF place to receive this unsafe request message.
When on behalf of a PSI, AS initiate a session request, can from HSS, inquire about the address information that obtains S-CSCF, also can know the address of S-CSCF, directly the S-CSCF that request message sends to appointment be set up in session by static configuration by the SH interface.For the situation of static configuration, just can not use AS to allow tabulation to realize the qualification exam process of AS representative of consumer initiation session.
The address configuration of S-CSCF is on AS, mean that there is certain trusting relationship in IMS operator to this AS, but, still there are possible security breaches, therefore, when the address configuration of S-CSCF was on AS, the present invention proposed AS that another kind of method avoids may occurring under this configuration and represents the PSI that oneself haves no right to represent or IMPU to initiate a session request to set up the phenomenon of session.
In this method, the authority information of AS representative of consumer initiation session can be arranged among the User Profile.
When AS after S-CSCF sends the SIP session and sets up request message, S-CSCF is considered as a common SIP session with it and sets up request message, check according to its User Profile information of from HSS, downloading, as carry out the IFC matching process, this matching process is identical with existing IFC matching process, all be to go to mate each bar triggering rule according to each information field in the sip message of receiving, if the match is successful, will correspond to an AS, difference is, when S-CSCF judges the calling that this calling starts for AS, need in above-mentioned matching process, increase the scope check of an AS representative of consumer initiation session.
Describe with the scope check process of two concrete examples below AS representative of consumer initiation session of the present invention.
The authority information of example 1, setting AS representative of consumer initiation session is an existing reserved word segment information among the User Profile, as AS information.
The calling that the representative IMPU/PSI that starts for AS initiates, S-CSCF carries out in the IFC matching process in the User Profile information of downloading from HSS according to it, the AS that sets up request message when initiation session once occurred in user's iFC tabulation, be that user's session information such as log-on message etc. can be routed to initiation session when setting up the AS of request message, represent that this AS can represent this user's initiation session; The AS that sets up request message when initiation session did not occur in user's iFC tabulation, and promptly user's session information such as log-on message etc. can not be routed to initiation session when setting up the AS of request message, represent that this AS cannot represent this user's initiation session.
This method relatively is applicable to the IMS network of the S-CSCF/HSS that has at present used, and this method to the transmission of messages between the existing network architecture of IMS and S-CSCF and the HSS without any influence.
The authority information of example 2, setting AS representative of consumer initiation session is the new field contents of introducing in User Profile, the content of this field is used to represent to allow the grant column list of AS representative of consumer initiation session, as increase the AS identification information that allows/forbid AS representative of consumer initiation session in User Profile.
Represent the originating call of IMPU/PSI for AS, need to detect the field contents that increases newly among the User Profile, detect AS whether in this grant column list, if AS is in this grant column list, represent that then this AS can the representative of consumer initiation session, request is set up in this session that S-CSCF allows AS to send; If AS not in this grant column list, represents then that this AS can not the representative of consumer initiation session, request is set up in this session that S-CSCF refusal AS sends.
Example 2 is applicable to that relatively S-CSCF/HSS newly is applied to the situation of IMS network.
In the description process of above-mentioned example 1, example 2, S-CSCF determines that session that AS initiates is that the method for the AS originating call of represent IMPU/PSI is: setting up orig field in the request message by session, to differentiate this calling be originating call, being identified as by record route header field is the calling which AS starts, and discerns the originating call that on behalf of which IMPU/PSI, AS initiate by p-asserted-identity.
Realize in the session control process at above-mentioned use IFC matching mechanisms, consider in the R6 version, the download of IFC need be distinguished user registration state, therefore, in configuration IFC, when if AS sets up request in the representative of consumer initiation session, need to distinguish the current login state of user, then this is used for checking that the IFC of AS representative of consumer initiation session legitimacy will only be configured in the user profile of corresponding login state, as only being configured in the REGISTERED part, perhaps only dispose the UNREGISTERED part, perhaps be configured among the User Profile that has nothing to do with login state.When if AS sets up request in the representative of consumer initiation session, do not need to distinguish the current login state of user, promptly irrelevant with the current login state of user, and distinguish user data according to login state among the user profile of HSS, then can in the user of different login states profile, all increase the configuration of this IFC.
The present invention is by strengthening the checking process to AS in the existing IMS network; promptly increase the detection of AS representative of consumer initiation session authority; make the IMS network not only can be at AS itself to the inspection of AS; can also be further at AS on behalf of the user who makes a call; thereby avoided an application server that is arranged in AS permission tabulation when having no right to replace certain user to make a call; the phenomenon that replaces certain user to make a call; eliminate the potential safety hazard that exists in the IMS network, protected user's legitimate interests.
Session control device as shown in Figure 2 in the IMS network provided by the invention.
Device among Fig. 2 mainly comprises: obtain the authority information module, the module that defines the competence and session control module.
Obtain the authority information module and be mainly used in AS representative of consumer initiation session process, obtain the authority information of AS representative of consumer initiation session, and transmit it to the module that defines the competence.
When session control device was HSS, the authority information of AS representative of consumer initiation session can be arranged at and obtain in the authority information module, and the authority information of AS representative of consumer initiation session can allow the form storage of tabulation with AS, and is concrete as the description in the above-mentioned method.Obtain the authority information module and can obtain the authority information of corresponding AS representative of consumer initiation session, and transmit it to the module that defines the competence according to the query requests of obtaining its user data that reads of permission that AS sends.
When session control device was S-CSCF, the authority information of AS representative of consumer initiation session can be arranged among the HSS, like this, obtained the authority information module need be obtained AS representative of consumer initiation session from HSS authority information, and is concrete as the description in the above-mentioned method.
The module that defines the competence is mainly used in the information of carrying in the request message that authority information according to its reception, AS transmission come and determines whether this AS allows the representative of consumer initiation session, and the message transmission that will allow or forbid is to the session control module.
When session control device is HSS, the request message that AS transmission comes is the inquiry request message that allows the user data that reads, the process that the module that defines the competence is judged can be carried out the query requests processing procedure of S-CSCF simultaneously with HSS, also can occur in after the query requests processing procedure of S-CSCF, concrete as the description in the method.
When session control device is S-CSCF, the request message that the AS transmission comes is that request message is set up in session, the module that defines the competence is determining that this session that need set up is starting during session of AS representative of consumer, determine whether this AS allows the representative of consumer initiation session, the description in specific implementation process such as the above-mentioned method according to the information of carrying in the next request message of authority information, the AS transmission of its reception.
The session control module is mainly used in carries out control corresponding according to the permission of its reception or the information of forbidding to the process of AS representative of consumer initiation session and handles.
When session control device was HSS, the session control module can provide the address information of S-CSCF or provide the address information of S-CSCF to control the process of AS representative of consumer initiation session to AS to AS by refusal.Concrete as the description in the above-mentioned method.
When session control device was S-CSCF, the session control module can be set up the process that request message is controlled AS representative of consumer initiation session by the session that the session that refusal AS sends is set up request message or allowed AS to send.Concrete as the description in the above-mentioned method.
Though described the present invention by embodiment, those of ordinary skills know, the present invention has many distortion and variation and do not break away from spirit of the present invention, and the claim of application documents of the present invention comprises these distortion and variation.
Claims (12)
1. the conversation controlling method in the IMS network is characterized in that, comprising:
A, the authority information of application server AS representative of consumer initiation session is set;
B, in AS representative of consumer initiation session process, IP Multimedia System IMS network functional entity obtains described authority information, determine according to this authority information whether this AS is allowed to the representative of consumer initiation session, and the conversation procedure that the AS representative of consumer is initiated controlled, described IMS network functional entity is: home signature user server HSS or service call State Control function S-CSCF.
2. the conversation controlling method in a kind of IMS network as claimed in claim 1 is characterized in that described step a specifically comprises:
The authority information of AS representative of consumer initiation session is set in HSS.
3. the conversation controlling method in a kind of IMS network as claimed in claim 2 is characterized in that described step a specifically comprises:
Allow to increase permission in the tabulation and/or forbid the user totem information of AS representative of consumer initiation session at the AS of HSS.
4. the conversation controlling method in a kind of IMS network as claimed in claim 3 is characterized in that described step b specifically comprises:
B1, AS send the query requests of user data to HSS;
The conversation procedure that b2, HSS initiate the AS representative of consumer according to canned data in information of carrying in the query requests and the AS permission tabulation is checked and is controlled.
5. the conversation controlling method in a kind of IMS network as claimed in claim 4 is characterized in that:
The query requests of user data comprises among the described step b1: the query requests of the address information of the S-CSCF of user's correspondence;
And described step b2 specifically comprises:
HSS obtains AS according to the user data index information that carries in the described query requests and allows corresponding list item in the tabulation;
HSS judges according to the AS identification information that carries in the query requests, described user ID and described list item information whether inquiry is successful;
If determine to allow inquiry S-CSCF address information and allow AS representative of consumer initiation session, the S-CSCF address information is carried in the response message of successful inquiring and transfers to AS;
If determine not allow to inquire about S-CSCF address information or inquiry less than the S-CSCF address information or do not allow AS representative of consumer initiation session, the response message of inquiry failure is transferred to AS.
6. the conversation controlling method in a kind of IMS network as claimed in claim 1 is characterized in that described step a specifically comprises:
The predetermined field that is provided with in the user description information of HSS is the authority information of AS representative of consumer initiation session.
7. the conversation controlling method in a kind of IMS network as claimed in claim 6 is characterized in that, described predetermined field is an AS information, and described step b specifically comprises:
It is AS when starting session that session that request message determines that needs are set up is set up in the Session initiation Protocol SIP session that S-CSCF sends according to AS, judges from the user description information of HSS download whether include described AS information;
If include described AS information, determine that this AS has the authority of representative of consumer initiation session, allow to carry out the subsequent treatment that request message is set up in described SIP session;
If do not include described AS information, determine that this AS does not have the authority of representative of consumer initiation session, refusal carries out the subsequent treatment that request message is set up in described SIP session.
8. the conversation controlling method in a kind of IMS network as claimed in claim 1 is characterized in that described step a specifically comprises:
The AS identification information that allows AS representative of consumer initiation session is set in the user description information of HSS.
9. the conversation controlling method in a kind of IMS network as claimed in claim 8 is characterized in that described step a specifically comprises:
The AS identification information that allows AS representative of consumer initiation session is set in being in the user description information of login state; Or
The AS identification information that allows AS representative of consumer initiation session is set in being in the user description information of unregistered state; Or
The AS identification information that allows AS representative of consumer initiation session all is set in the user description information that is in login state and unregistered state; Or
With the irrelevant user description information of login state in the AS identification information that allows AS representative of consumer initiation session is set.
10. the conversation controlling method in a kind of IMS network as claimed in claim 8 is characterized in that described step b specifically comprises:
It is that AS is when starting session that session that request message determines that needs are set up is set up in the SIP session that S-CSCF sends according to AS, according to the SIP session of its reception set up the information of carrying in the request message and the user description information downloaded from HSS in filter rule information mate, and judge the AS identification information that allows AS representative of consumer initiation session and send the SIP session and set up the AS of request message whether the match is successful;
If the match is successful, determine that the AS of described representative of consumer initiation session has the authority of representative of consumer initiation session, allow to carry out the subsequent treatment that request message is set up in described SIP session;
If coupling is unsuccessful, determine that the AS of described representative of consumer initiation session does not have the authority of representative of consumer initiation session, refusal carries out the subsequent treatment that request message is set up in described SIP session.
11. the conversation controlling method as in claim 7 or the 10 described a kind of IMS networks is characterized in that, described definite session of need setting up is that the start step of session of AS specifically comprises:
To set up the session that content among orig field, record route header field and the p-asserted-identity in the request message determines that needs are set up be the AS session of starting in session according to SIP.
12. session control device in the IMS network is characterized in that, described device is: service call State Control function S-CSCF entity or home signature user server HSS, and described device comprises:
Obtain the authority information module: in application server AS representative of consumer initiation session process, obtain the authority information of AS representative of consumer initiation session, and transmit it to the module that defines the competence;
Module defines the competence: the information of carrying in the request message that sends according to the authority information and the AS of its reception determines whether this AS is allowed to the representative of consumer initiation session, and the message transmission that will allow or forbid is to the session control module;
Session control module: the process of AS representative of consumer initiation session is carried out the control corresponding processing according to the permission of its reception or the information of forbidding.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510123209 CN1968262B (en) | 2005-11-15 | 2005-11-15 | Session control method and apparatus in IMS network |
| PCT/CN2006/002799 WO2007056925A1 (en) | 2005-11-15 | 2006-10-20 | A session control method and equipment in ims network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510123209 CN1968262B (en) | 2005-11-15 | 2005-11-15 | Session control method and apparatus in IMS network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1968262A CN1968262A (en) | 2007-05-23 |
| CN1968262B true CN1968262B (en) | 2011-04-06 |
Family
ID=38048285
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200510123209 Expired - Fee Related CN1968262B (en) | 2005-11-15 | 2005-11-15 | Session control method and apparatus in IMS network |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN1968262B (en) |
| WO (1) | WO2007056925A1 (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101163344B (en) * | 2007-10-24 | 2011-04-20 | 中兴通讯股份有限公司 | Method of processing call initiated from application server camouflaged by user facility |
| CN101621772B (en) * | 2008-07-02 | 2012-06-06 | 中国移动通信集团公司 | Session control method and equipment |
| CN101364874B (en) * | 2008-09-27 | 2011-07-06 | 华为终端有限公司 | Medium transferring method, terminal and application server |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2002061604A1 (en) * | 2001-01-31 | 2002-08-08 | Telcordia Technologies, Inc. | System and method for out-sourcing the functionality of session initiation protocol (sip) user agents to proxies |
| CN1483265A (en) * | 2000-08-01 | 2004-03-17 | ��˹��ŵ�� | Techniques for performing UMTS (universal mobile telecommunications system) authentication using SIP (session initiation protocol) messages |
| WO2004032415A1 (en) * | 2002-10-03 | 2004-04-15 | Nokia Corporation | Method and apparatus enabling reauthentication in a cellular communication system |
| EP1583312A1 (en) * | 2004-04-02 | 2005-10-05 | France Telecom | Apparatuses and method for controlling access to an IP multimedia system from an application server |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH11328117A (en) * | 1998-05-14 | 1999-11-30 | Hitachi Ltd | User managing method of authentication system |
-
2005
- 2005-11-15 CN CN 200510123209 patent/CN1968262B/en not_active Expired - Fee Related
-
2006
- 2006-10-20 WO PCT/CN2006/002799 patent/WO2007056925A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1483265A (en) * | 2000-08-01 | 2004-03-17 | ��˹��ŵ�� | Techniques for performing UMTS (universal mobile telecommunications system) authentication using SIP (session initiation protocol) messages |
| WO2002061604A1 (en) * | 2001-01-31 | 2002-08-08 | Telcordia Technologies, Inc. | System and method for out-sourcing the functionality of session initiation protocol (sip) user agents to proxies |
| WO2004032415A1 (en) * | 2002-10-03 | 2004-04-15 | Nokia Corporation | Method and apparatus enabling reauthentication in a cellular communication system |
| EP1583312A1 (en) * | 2004-04-02 | 2005-10-05 | France Telecom | Apparatuses and method for controlling access to an IP multimedia system from an application server |
Non-Patent Citations (1)
| Title |
|---|
| 全文. |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1968262A (en) | 2007-05-23 |
| WO2007056925A1 (en) | 2007-05-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100362807C (en) | Method for realizing user registration in internet protocol multimedia subsystem | |
| CA2552531C (en) | A method for reducing interface load of home subscriber server | |
| US9300628B2 (en) | Correlating communication sessions | |
| US20060034195A1 (en) | SIP message extension for push to watch service | |
| US20080039081A1 (en) | Method for implementing ip multimedia subsystem registration | |
| CN102187637B (en) | IP multimedia subsystem user identity handling | |
| US8325707B2 (en) | Session initiation from application servers in an IP multimedia subsystem | |
| WO2005107210A1 (en) | Session inspection scheme | |
| CN1642346A (en) | Method for user to register on belonging signatory user's service device | |
| US8345596B2 (en) | Call control method for seamless mobility service | |
| EP2119178B1 (en) | Method and apparatuses for the provision of network services offered through a set of servers in an ims network | |
| KR100703426B1 (en) | Method and apparatus for sending and receiving call unregistered user in a ip multimedia subsystem network | |
| CN100583837C (en) | Method for implementing service based on IMS | |
| CN1921482B (en) | Method and device for business processing based on conversation initiating protocol | |
| CN101018240B (en) | The method for checking the validity of the uniform resource identifier of the universal routing user agent | |
| CN1968262B (en) | Session control method and apparatus in IMS network | |
| CN100433913C (en) | Method for realizing registering in IP multi-media subsystem | |
| CN100499670C (en) | Method of ascertaining service call control function in registration process | |
| CN100433909C (en) | Method for transmitting call command from electric switching network to IMS network | |
| CN100499469C (en) | Off-line charging method | |
| KR100608907B1 (en) | Method and system for recording image communication data in 3gpp ims network | |
| EP2083577B1 (en) | User device and registration method of user device | |
| CN1997024A (en) | A method for load alleviation of the server interface of the homing subscribed user | |
| KR100955767B1 (en) | Apparatus and method for restricting registration of voip terminals | |
| KR20100131787A (en) | Method anc device for processing a call in an ip multimedia subsystem network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20110406 Termination date: 20121115 |